class ActionDispatch::PermissionsPolicy
Configures the HTTP Feature-Policy response header to specify which browser features the current document and its iframes can use.
Example global policy:
# Global policy: switch off device and sensor features the application does
# not use, and allow fullscreen and payment only for named origins.
# NOTE(review): the class description says this sets the Feature-Policy
# header; confirm that the browsers you target honor that header name.
Rails.application.config.permissions_policy do |policy|
  # Features this application never needs are denied outright.
  policy.camera :none
  policy.gyroscope :none
  policy.microphone :none
  policy.usb :none
  # Fullscreen is limited to the application's own origin.
  policy.fullscreen :self
  # Payment is allowed for the application's own origin plus one explicitly
  # listed origin; keep this list as short as possible.
  policy.payment :self, "https://secure.example.com"
end
Constants
- DIRECTIVES
  List of available permissions can be found at github.com/w3c/webappsec-permissions-policy/blob/master/features.md#policy-controlled-features
- MAPPINGS
Attributes
Public Class Methods
# File lib/action_dispatch/http/permissions_policy.rb, line 113
# Creates a policy with an empty directive table. When a block is given,
# the new policy is yielded to it so the caller can configure directives.
def initialize
  @directives = {}
  return unless block_given?

  yield self
end
Public Instance Methods
# File lib/action_dispatch/http/permissions_policy.rb, line 132
# Renders the policy as a single header value.
#
# Each directive is rendered by build_directives; nil entries (directives
# whose sources are falsy) are dropped and the rest are joined with "; ".
#
# @param context [Object, nil] object that Proc sources are evaluated against
# @return [String] the serialized policy
def build(context = nil)
  rendered = build_directives(context)
  rendered.compact.join("; ")
end
# File lib/action_dispatch/http/permissions_policy.rb, line 118
# Copy hook: gives the copy its own deep duplicate of the source policy's
# directive table, so editing the copy does not alter the original.
#
# @param other [Object] the policy being copied; must expose +directives+
def initialize_copy(other)
  duplicated = other.directives.deep_dup
  @directives = duplicated
end
Private Instance Methods
# File lib/action_dispatch/http/permissions_policy.rb, line 150
# Translates a symbolic source into its MAPPINGS entry.
#
# Unknown symbols are rejected rather than passed through, so a typo in a
# policy definition fails loudly instead of producing a malformed header.
#
# @param source [Symbol] key to look up in MAPPINGS
# @return [Object] the mapped value
# @raise [ArgumentError] when MAPPINGS has no entry for +source+
def apply_mapping(source)
  return MAPPINGS[source] if MAPPINGS.key?(source)

  raise ArgumentError, "Unknown HTTP permissions policy source mapping: #{source.inspect}"
end
# File lib/action_dispatch/http/permissions_policy.rb, line 137
# Normalizes a list of sources for storage in a directive.
#
# Symbols are translated through apply_mapping; Strings and Procs are kept
# unchanged. Any other type is rejected up front.
#
# @param sources [Array<Symbol, String, Proc>] sources given for a directive
# @return [Array] the normalized sources, in the same order
# @raise [ArgumentError] when an entry is not a Symbol, String or Proc
def apply_mappings(sources)
  sources.map do |entry|
    case entry
    when Symbol then apply_mapping(entry)
    when String, Proc then entry
    else
      raise ArgumentError, "Invalid HTTP permissions policy source: #{entry.inspect}"
    end
  end
end
# File lib/action_dispatch/http/permissions_policy.rb, line 168
# Resolves every source of one directive against the given context.
#
# @param sources [Array] stored sources for a single directive
# @param context [Object, nil] object that Proc sources are evaluated against
# @return [Array] the resolved sources, in the same order
def build_directive(sources, context)
  sources.map do |entry|
    resolve_source(entry, context)
  end
end
# File lib/action_dispatch/http/permissions_policy.rb, line 156
# Renders each stored directive to its header fragment.
#
# * falsy sources -> nil
# * Array sources -> "name src1 src2 ..."
# * any other truthy value -> the bare directive name
#
# @param context [Object, nil] object that Proc sources are evaluated against
# @return [Array] one entry per stored directive, nil for falsy sources
def build_directives(context)
  @directives.map do |name, allowlist|
    next unless allowlist
    next name unless allowlist.is_a?(Array)

    "#{name} #{build_directive(allowlist, context).join(' ')}"
  end
end
# File lib/action_dispatch/http/permissions_policy.rb, line 172
# Turns one stored source into the value written into the header.
#
# Strings are used as-is, Symbols are stringified, and Procs are evaluated
# with +context+ as self.
#
# NOTE(review): a Proc's return value is handed back without passing through
# MAPPINGS or any validation in this method, and the visible callers join it
# straight into the header value. Dynamic sources should therefore return
# fixed, allowlisted origin strings rather than anything derived from request
# data.
#
# @param source [String, Symbol, Proc] the stored source
# @param context [Object, nil] receiver for Proc sources
# @return [Object] the resolved source
# @raise [RuntimeError] when a Proc is given without a context, or the
#   source is of an unexpected type
def resolve_source(source, context)
  case source
  when String then source
  when Symbol then source.to_s
  when Proc
    raise RuntimeError, "Missing context for the dynamic permissions policy source: #{source.inspect}" if context.nil?

    context.instance_exec(&source)
  else
    raise RuntimeError, "Unexpected permissions policy source: #{source.inspect}"
  end
end